Requiem for a Disk

--Originally published at TC2027 – Blog will Tear us Apart

How to properly say farewell to your hardware.

Perhaps we might know how to properly use our data storage devices, we know how to keep them safe, encrypt and take care of their physical health. And thanks to that this devices outlive our expectations spans; and we found ourselves with the necessity of improving our setup.

Sure, you might just RAID your PC, but most of the time improving means replacing. Perhaps it’s time to change that old HDD and replace it with a new SSD, or perhaps your USB memory is no longer big enough. And we immediately embark ourselves into deciding, reviewing and Zero-Moment-Of-Truthing the available technology.

Then we procede to install the new, shiny and beautiful hardware into our systems et voilà, we procede to enjoy the pleasures of capitalism; naturally, we fulfill our consumerist  responsibilities by choosing the path of our late hardware.

I know, disposal is not your first option, don’t worry, neither mine. Perhaps use it as cold storage might be useful, or perhaps you can sell it, lend it, give it away, or mod it to work as an external drive.

Independently of how you decide the future of your device, you might want to format it. According to Wikipedia, formatting is:

Disk formatting is the process of preparing a data storage device such as a hard disk drive, solid-state drive, floppy disk or USB flash drive for initial use. In some cases, the formatting operation may also create one or more new file systems.

By creating a new file system it appears as if your data has been wiped out from the drive, you’re good to go and it becomes just one idle piece of metal. That’s what most of the formatting tools do. I don’t want to break

Continue reading "Requiem for a Disk"

We don’t need no network control!

--Originally published at The shield of the world

So, today we are going to talk about Network Security. Network security is the process of taking the physical and software preventive measures to protect the networking infrastructure from unauthorized access, malfunction, modification, destruction or improper disclosure, thereby creating a secure platform for computers, users and programs to perform their permitted critical functions in a safe environment.

Which involves the authorization of access to data in a network, which is controlled by the network administrator. Here is were the users choose or are assigned an ID and password or other authentication information that allows them to access to information and program within their authority. Like the accounts in school or work. Here is were you pray for the network admin to be a master in passwords creation, to help you and the network not get unauthorized access. You can see You shall not pass! to know more about.

2004

So why is important to have a secure network? Well that’s quite easy, because you want to avoid:

  • Viruses, worms, Trojan horses… MALWARE (we already talked about that ¡Un pejelagarto se metió a la cocina!)
  • Spyware and adware…which we can considere that Malware too
  • Zero-day attacks, also called zero-hour attacks
  • Hacker attacks (vulnerabilities)
  • Denial of service, YOU ARE THE 1 MILLION VISITOR!
  • Data interception and theft
  • Identity theft

2005

And how do the network admin protector of the planet will fight against that? Easy question too, with some of this tools:

  • Anti-virus and anti-spyware
  • Firewall, to block unauthorized access to your network
  • Intrusion prevention systems (IPS), to identify fast-spreading threats
  • Virtual Private Networks (VPN), to improve secure remote access

200w1

But this are not all the tools used to maintain and protect the data and information of a company. A security policy is something really useful for a company and we will talk

Continue reading "We don’t need no network control!"

Glass or adamantium shield?

--Originally published at The shield of the world

So after all this information let’s continue talking about the HW encryption, shall we?

giphy

Single-user file/folder level

When an individual wishes to encrypt a single file or group of files there are several options. Most encryption software has the ability to encrypt files individually using a password or other key. Many encryption programs have the ability to create an encrypted “virtual drive”. This is an encrypted file that, when opened with the key, looks like another drive attached to the computer allowing the user to easily open and save files into an encrypted area. Some other applications, like MS Office and OpenOffice, have built-in, single-file encryption features.

Depending on how the encryption software is used, this approach can provide protection from data disclosure when transferring information over the network. E.g. an individual file can be encrypted and then sent as an email attachment, assuming the recipient has the ability to decrypt it.

Multi-user file/folder level

Allowing multiple users to simultaneously access encrypted information is more complicated than a single user. The encryption software must allow the use of either multiple keys (i.e. one for each user) or a shared key (e.g. a shared password). Additionally, the software must deal with multi-user file locking issues (this is usually a problem with the virtual drive approach mentioned in the last section).

This approach can provide an additional layer of protection against the disclosure of highly confidential data on file servers in the event they are compromised. I can also help protect against disclosure on backup media as the files would remain encrypted when backed up.

This approach can get complicated if not all users have the encryption software installed, or they are not configured consistently. This could lead users being unable to access encrypted information or incorrectly believing they

giphy (1)
giphy (2)
giphy (3)
giphy (4)
Continue reading "Glass or adamantium shield?"